US9736678B2ActiveUtilityA1

Tamper prevention for electronic subscriber identity module (eSIM) type parameters

92
Assignee: APPLE INCPriority: Apr 4, 2014Filed: Nov 28, 2016Granted: Aug 15, 2017
Est. expiryApr 4, 2034(~7.7 yrs left)· nominal 20-yr term from priority
G06F 2212/1052G06F 3/0622H04W 8/183G06F 3/0637G06F 3/0673G06F 12/0223G06F 2212/177G06F 3/0665H04W 8/205H04W 12/08G06F 3/0679G06F 21/79G06F 21/73H04W 12/35H04W 4/60H04W 4/50H04L 63/101
92
PatentIndex Score
7
Cited by
3
References
20
Claims

Abstract

Disclosed herein are various techniques for preventing or at least partially securing parameters—e.g., Type parameters—of electronic Subscriber Identity Modules (eSIMs) stored within an embedded Universal Integrated Circuit Card (eUICC) from being inappropriately modified by mobile network operators (MNOs). One embodiment sets forth a technique that involves modifying file access properties of the Type parameters of eSIMs to make the Type parameters readable, but not updatable by the MNOs. Another embodiment sets forth a technique that involves implementing eSIM logical containers that separate the Type parameters from the eSIM data within the eUICC, such that the Type parameters are inaccessible to the MNOs. Yet another embodiment sets forth a technique that involves implementing an Operating System (OS)-based registry that is inaccessible to the MNOs and manages Type parameters for the eSIMs that are stored by the eUICC.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method for protecting a unique identifier of an electronic Subscriber Identity Module (eSIM) that is associated with a Mobile Network Operator (MNO), the method comprising:
 at an embedded Universal Integrated Circuit Card (eUICC) included in a mobile device:
 receiving a request to store the eSIM within a memory that is accessible to the eUICC; and 
 in response to the request:
 storing the eSIM into the memory, 
 parsing a file system of the eSIM to identify the unique identifier, and 
 updating a file access property of the unique identifier to prevent the unique identifier from being modified by the MNO. 
 
 
 
     
     
       2. The method of  claim 1 , wherein the mobile device is configured to access wireless services provided by the MNO. 
     
     
       3. The method of  claim 2 , wherein a Type parameter of the eSIM indicates that the eSIM is a bootstrap-type eSIM that enables the mobile device to access standard services provided by the MNO. 
     
     
       4. The method of  claim 2 , wherein a Type parameter of the eSIM indicates that the eSIM is an operator-type eSIM that enables the mobile device to access standard services provided by the MNO. 
     
     
       5. The method of  claim 1 , wherein the memory is a component of the eUICC. 
     
     
       6. The method of  claim 1 , further comprising:
 updating the file access property of the unique identifier to enable the unique identifier to be read by the MNO. 
 
     
     
       7. The method of  claim 1 , wherein, subsequent to updating the file access property, the eUICC remains capable of modifying the unique identifier. 
     
     
       8. The method of  claim 1 , further comprising:
 parsing the file system of the eSIM to identify a Type parameter associated with the eSIM, and 
 updating a file access property of the Type parameter to prevent the type parameter from being modified by the MNO. 
 
     
     
       9. A method for protecting a unique identifier associated with an electronic Subscriber Identity Module (eSIM) that is associated with a Mobile Network Operator (MNO), the method comprising:
 at an embedded Universal Integrated Circuit Card (eUICC) included in a mobile device:
 receiving a request to store the eSIM within a memory that is accessible to the eUICC; and 
 in response to the request:
 establishing, within the memory, a logical container for the eSIM, 
 establishing, within the logical container, at least a first logical sub-container and a second logical sub-container, wherein:
 the first logical sub-container is accessible to the MNO, and 
 the second logical sub-container is not accessible to the MNO, 
 
 storing the eSIM into the first logical sub-container, and 
 storing the unique identifier into the second logical sub-container. 
 
 
 
     
     
       10. The method of  claim 9 , further comprising:
 updating a configuration of the eUICC to cause the second logical sub-container to be referenced when attempting to identify the unique identifier of the eSIM. 
 
     
     
       11. The method of  claim 9 , wherein the mobile device is configured to access wireless services provided by the MNO. 
     
     
       12. The method of  claim 11 , wherein a Type parameter of the eSIM indicates that the eSIM is a bootstrap-type eSIM that enables the mobile device to subscribe to access standard services provided by the MNO. 
     
     
       13. The method of  claim 11 , wherein a Type parameter of the eSIM indicates the eSIM is an operator-type eSIM that enables the mobile device to access standard services provided by the MNO. 
     
     
       14. The method of  claim 9 , wherein, for each eSIM managed by the eUICC, there exists a corresponding logical container. 
     
     
       15. A method for protecting a unique identifier associated with an electronic Subscriber Identity Module (eSIM) that is associated with a Mobile Network Operator (MNO), the method comprising:
 at an embedded Universal Integrated Circuit Card (eUICC) included in a mobile device:
 receiving a request to store the eSIM within a memory that is accessible to the eUICC; and 
 in response to the request:
 storing the eSIM into the memory, and 
 storing the unique identifier into a registry of an Operating System (OS), wherein the ROM registry is inaccessible to the MNO. 
 
 
 
     
     
       16. The method of  claim 15 , wherein, for each eSIM managed by the eUICC, there exists a corresponding unique identifier stored in the registry. 
     
     
       17. The method of  claim 15 , further comprising:
 updating a configuration of the eUICC to cause the registry to be referenced when attempting to identify the unique identifier of the eSIM. 
 
     
     
       18. The method of  claim 15 , wherein, subsequent to storing the unique identifier into the registry, the eUICC remains capable of modifying the unique identifier. 
     
     
       19. The method of  claim 15 , further comprising:
 storing a Type parameter associated with the eSIM into the registry, wherein:
 the Type parameter indicates that the eSIM is a bootstrap-type eSIM that enables the mobile device to subscribe to access standard services provided by the MNO, or 
 the Type parameter indicates that the eSIM is an operator-type eSIM that enables the mobile device to access standard services provided by the MNO. 
 
 
     
     
       20. The method of  claim 19 , wherein the OS executes on the eUICC.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.